logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: apr_crypto_openssl
Author
jgsirac



Joined: 28 Oct 2013
Posts: 1
Location: Paris, France

PostPosted: Mon 28 Oct '13 11:33    Post subject: apr_crypto_openssl Reply with quote

Hello there,

I am using a vhost with a AuthFormProvider authentification.

If I use the instruction SessionCryptoPassphrase the Apache service crashes with no reason.

I tried the version on ApacheHaus and the same configuration works ok.

As far as I can tell the crash originates from a dll which is missing on ApachaLounge but wich is provided on ApacheHaus: apr_crypto_openssl-1.dll. It seems it is needed to encrypt the session with the provided passphrase.

Can anyone confirm this?

Thanks,
JG



Windows 7 SP1
ApacheLounge: httpd-2.4.6-win32-VC11
PHP: php-5.5.5-Win32-VC11-x86
Back to top
admin
Site Admin


Joined: 15 Oct 2005
Posts: 692

PostPosted: Mon 28 Oct '13 12:10    Post subject: Reply with quote

Indeed it is not included in the AL build.
Back to top
glsmith
Moderator


Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA

PostPosted: Mon 28 Oct '13 18:23    Post subject: Re: apr_crypto_openssl Reply with quote

jgsirac wrote:
As far as I can tell the crash originates from a dll which is missing on ApachaLounge but wich is provided on ApacheHaus: apr_crypto_openssl-1.dll. It seems it is needed to encrypt the session with the provided passphrase


Technically no, you only need that if you want to use OpenSSL as the encryption driver.

SessionCryptoDriver openssl

There is a crypto layer and built in driver in APR-Util 1.5.x which must be enabled during compile to be included. If this is not enabled up front, then the crypto will not work regardless and it is disabled by default.

ApacheHaus enables this crypto layer before compile and as a bonus includes the OpenSSL driver (apr_crypto_openssl-1.dll) since OpenSSL is already being used by the server for HTTPS. Apparently, ApacheLounge doesn't enable this before compile.

If you are not specifying openssl as the encryption driver with the SessionCryptoDriver directive, you are really just using the one built into APR-Util and could remove the apr_crypto_openssl-1.dll file and it would still work on the ApacheHaus builds.
Back to top
admin
Site Admin


Joined: 15 Oct 2005
Posts: 692

PostPosted: Mon 28 Oct '13 18:48    Post subject: Reply with quote

Crypto is enabled in the AL build, no OpenSSL crypto, only build-in apr crypto.
Back to top
glsmith
Moderator


Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA

PostPosted: Mon 28 Oct '13 19:14    Post subject: Reply with quote

Then either there is a bug or the documentation is wrong, or my understanding is incorrect (more likely). I just gave it a test and did not like the results I'm finding.
Apache Docs wrote:
The SessionCryptoDriver directive specifies the name of the crypto driver to be used for encryption. If not specified, the driver defaults to the recommended driver compiled into APR-util.


Yet if I use SessionCryptoPassphrase without specifying a driver or the openssl dll presernt I get;
[Mon Oct 28 10:04:13.042200 2013] [session_crypto:error] [pid 5596:tid 796] (OS 126)The specified module could not be found. : AH01845: The crypto library 'openssl' could not be loaded: The specified module could not be found. (: 0)

So, I guess for crypto to really work on Windows, at least one of the drivers must be present.
Back to top


Reply to topic   Topic: apr_crypto_openssl View previous topic :: View next topic
Post new topic   Forum Index -> Apache